In RoSv6, wanting to redirect even very specific traffic (for example by specifying IP addresses, interfaces, port and protocol), I simply did routing mark, then adding routing in IP-> Route, I could choose the previously manually entered routing-mark.
In RoSv7 I see that first I have to add the routing table manually in Routing-> Tables and do the above operation by selecting the table name in IP-> Routes from the list as routing-mark.
I understand that up to this point the percentage will be the same as in the case of the configuration made in RoSv6?
However, by adding the Routing-> Rule option (all configuration below), can I make the traffic within my NS-e7 table not go to the main table, thus eliminating the need for a firewall that cuts this traffic?
My config:
Code: Select all
/ip firewall mangle
add action=mark-routing chain=prerouting in-interface-list=L2TP_Interface_loc_NS-e7_staff new-routing-mark=NS-e7 passthrough=yes
/routing table
add disabled=no fib name=NS-e7
/routing rule
add action=lookup-only-in-table disabled=no routing-mark=NS-e7 table=NS-e7
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.28.1.1 pref-src="" routing-table=NS-e7 scope=30 suppress-hw-offload=no target-scope=10